Detection Engineer

About us Boeing Defence Australia is shaping the future of aerospace and delivering some of the nation's most important programs for the Australian Defence Force. Joining us is a chance to make your mark, working with a diverse team that is united in pushing the boundaries of imagination and excellence. We currently employ more than 3,000 people across 14 sites in Australia and three international locations and have a range of opportunities available as we plan for future growth. The opportunity We are seeking a talented and experienced Detection Engineer to join our growing team. We are seeking a specialist who can establish Security Information and Event Management (SIEM) technologies, onboarding processes for monitoring systems, application monitoring, and developing detection use cases. The ideal candidate will have extensive experience with Splunk, firewall technologies, Threat management tools, and an exposure to incident response. The candidate must have or be able to gain and maintain and NV1 or higher AGSVA security clearance. Responsibilities : Lead the design, implementation, and configuration of SIEM solutions tailored to Boeing Australia's organisational needs. Develop monitoring plans in collaboration with system SMEs and onboard monitoring into the SIEM environment. Conduct regular reviews and updates of firewall rules and policies to align with security best practices. Utilise threat management tools such as MISP to collect, analyse, and share threat intelligence effectively. Integrate threat intelligence into the SIEM environment to enhance detection and response capabilities. Incident response, including detection, containment, eradication, and recovery from security incidents. Contribute to post-incident analysis to identify root causes and recommend improvements to prevent future incidents. Prepare and present reports on security metrics, detections, incidents, and trends to management. Work closely with cross-functional teams to enhance overall security awareness and practices. Provide training and mentorship to junior security staff on SIEM technologies, onboarding processes, detection use cases, and incident response procedures. Experience / Qualifications NV1, NV2 or the ability to hold and maintain NV1. Minimum of 5 years of experience in information security, with a focus on SIEM technologies, particularly Splunk. A diploma or degree in cyber security, IT, related discipline or equivalent experience Strong experience in onboarding systems and applications into SIEM environments. Familiarity with application monitoring best practices and tools. Proven experience in creating detection use cases based on threat intelligence and threat assessments. Experience with firewalls and network security principles. Familiarity with threat management tools, specifically MISP, and their application in security operations. Proven experience in incident response, including the ability to manage and mitigate security incidents effectively. Relevant certifications related to Splunk, or incident handling are a plus. Excellent analytical and problem-solving skills, demonstrating attention to detail. Strong communication skills, both verbal and written, with the ability to convey complex security concepts to non-technical stakeholders. Preferred Skills : Experience with scripting languages (e.g., Python, PowerShell) for automation and integration tasks. Knowledge of compliance frameworks (e.g., ISM, DSPF, NIST) and their application in security practices. Familiarity with cloud security principles and technologies. Applicants must be Australian Citizens to meet Defence security requirements. Culture We are committed to building a diverse and inclusive workplace. Female applicants, people of Aboriginal or Torres Strait Island descent and ex-defence personnel are encouraged to apply. Benefits Flexible working options Study assistance Salary packaging Employee Incentive Program Global opportunities How to apply If you are ready to join an innovative industry leader, click Apply Now. #J-18808-Ljbffr